Wrox Programmer Forums
Go Back   Wrox Programmer Forums > PHP/MySQL > BOOK: Professional CodeIgniter ISBN: 978-0-470-28245-8
|
BOOK: Professional CodeIgniter ISBN: 978-0-470-28245-8
This is the forum to discuss the Wrox book Professional CodeIgniter by Thomas Myer; ISBN: 9780470282458
Welcome to the p2p.wrox.com Forums.

You are currently viewing the BOOK: Professional CodeIgniter ISBN: 978-0-470-28245-8 section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
 
Old January 27th, 2010, 05:30 PM
Authorized User
Points: 133, Level: 2
Points: 133, Level: 2 Points: 133, Level: 2 Points: 133, Level: 2
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Jun 2009
Posts: 26
Thanks: 0
Thanked 1 Time in 1 Post
Default security (xss_clean) the data in controller or model?

In your sample code, I see you call the xss_clean through the my_security helper in the models.

I have a controller which will take a string as the parameter value.

And this controller will load several models to handle this parameter value.

Where should I xss_clean on this parameter value? If I xss_clean it in the controller, I just need to call it once and then the xss_clean checked value will pass to the models and the models will not need to xss_clean it in each of them.

But in theory, some other controller would call these models too, and then due to these models are not xss_clean this parameter value, then it would be a problem.

So I think the good practice is calling xss_clean in models.

In my case, I know these models would only be called by this controller only. Should I still stick with the rule, call xss_clean in models? Or should I xss_clean in the controller?

Or should I call xss_clean both in controller or model?


Thanks!





Similar Threads
Thread Thread Starter Forum Replies Last Post
Report Builder 2.0 and Model security barmanvarn Reporting Services 0 July 23rd, 2009 05:46 PM
.net security model rahul.agarawal ASP.NET 1.0 and 1.1 Professional 1 January 11th, 2007 12:36 AM
.net security model rahul.agarawal ASP.NET 1.0 and 1.1 Basics 1 January 10th, 2007 03:51 AM
Model View Controller gpartin33324 Java GUI 0 October 4th, 2004 04:00 PM





Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.